Blog post

My Denial of Service (DoS) Defense Paper Publishes

By Anton Chuvakin | September 11, 2012 | 3 Comments

securityDenial of Serviceannouncement

Finally my Denial of Service paper is up on the site: “Denial of Service: A Comparison of Defense Approaches”


“Denial of service (DoS) attacks are back in focus due to Anonymous and other hacktivist attackers over the last few years. Malicious DoS attacks for financial gain are also on the rise. This assessment compares defense approaches for denial of service and formulates recommendations for the right combined approach to use for enterprise DoS defense.”

A few quotes:

No single type of a security safeguard can reliably stop all DoS attacks, and thus, enterprise DoS defense strategy must involve multiple components and safeguard types. “

“Denial-of-service attacks are in many regards different from other security issues organizations face. Unlike other attacks, where patches and locally installed security appliances can block an attack altogether, the defense calculus for denial of service is different because no organization can prevent or block all DoS attacks on its own.

“Knowing the limits of your infrastructure under extreme network conditions is an important component of understanding what other DoS safeguards would be needed.”

Enjoy! And see my other Gartner writing.

The Gartner Blog Network provides an opportunity for Gartner analysts to test ideas and move research forward. Because the content posted by Gartner analysts on this site does not undergo our standard editorial review, all comments or opinions expressed hereunder are those of the individual contributors and do not represent the views of Gartner, Inc. or its management.

Comments are closed


  • Steven Noble says:

    From about 1998 I ran a few EFNet IRC Servers, basically huge DoS magnets. It was a quick way to shake issues out of your network such as blocking packets to routers upstream of the machine and finding out what hardware in your network supported packet filtering (in hardware).

    In 2000 when Amazon, eBay, OnSale and others were attacked, I used a lot of tricks I had learned to find traffic sources and block them. No RPF in those days, so everything was done by hand.

    Now there are companies that will literally sink Gigabits of traffic for you and filter out the good data. The attacks and the protection against them continue to get more sophisticated over the years.

    I don’t have access to your report through any of my sources but from reading the table of contents it looks like you covered current state of the DDoS world well.

  • Ronen Kenig says:

    Great paper Anton! You managed to explain very well the options that organizations are facing when they come to plan their Anti-Dos security systems, as well as very good coverage of DoS attacks.

  • @steven and @ronen Thanks a lot for the comments and for the praise!